Tangerine 2-FA is Here
Got an email saying "Good news! As part of our commitment to keeping your money and personal information safe, we’ve launched 2‑Step Authentication. - a security feature designed with your peace of mind, in mind!"
I've been waiting for it since December. Tangerine did not provide a date for the launch. As most suspected, it's 2-FA via SMS, which is still vulnerable to sim card swaps. But it's still better than just having login/password/secret questions. Also, the email mentions that alternative 2-FA methods will come in the future...of course with no date provided!
IMO they should still have kept secret questions with the 2-FA (on an unregistered computer for example). Also, I hope Tangerine is not allowing password resets via SMS because that would be a huge vulnerability.
Still, I guess this is progress and better than nothing.
I've been waiting for it since December. Tangerine did not provide a date for the launch. As most suspected, it's 2-FA via SMS, which is still vulnerable to sim card swaps. But it's still better than just having login/password/secret questions. Also, the email mentions that alternative 2-FA methods will come in the future...of course with no date provided!
IMO they should still have kept secret questions with the 2-FA (on an unregistered computer for example). Also, I hope Tangerine is not allowing password resets via SMS because that would be a huge vulnerability.
Still, I guess this is progress and better than nothing.
For Sale: